Lucene search

K
openvas
Copyright (c) 2012 Greenbone Networks GmbHOPENVAS:1361412562310840876
HistoryJan 25, 2012 - 12:00 a.m.

Ubuntu Update for curl USN-1346-1

2012-01-2500:00:00
Copyright (c) 2012 Greenbone Networks GmbH
plugins.openvas.org
6

0.009 Low

EPSS

Percentile

81.1%

Ubuntu Update for Linux kernel vulnerabilities USN-1346-1

###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_ubuntu_USN_1346_1.nasl 14132 2019-03-13 09:25:59Z cfischer $
#
# Ubuntu Update for curl USN-1346-1
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

if(description)
{
  script_xref(name:"URL", value:"http://www.ubuntu.com/usn/usn-1346-1/");
  script_oid("1.3.6.1.4.1.25623.1.0.840876");
  script_tag(name:"cvss_base", value:"7.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_version("$Revision: 14132 $");
  script_tag(name:"last_modification", value:"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $");
  script_tag(name:"creation_date", value:"2012-01-25 11:16:25 +0530 (Wed, 25 Jan 2012)");
  script_cve_id("CVE-2012-0036");
  script_xref(name:"USN", value:"1346-1");
  script_name("Ubuntu Update for curl USN-1346-1");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2012 Greenbone Networks GmbH");
  script_family("Ubuntu Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages", re:"ssh/login/release=UBUNTU(10\.10|11\.04)");
  script_tag(name:"summary", value:"Ubuntu Update for Linux kernel vulnerabilities USN-1346-1");
  script_tag(name:"affected", value:"curl on Ubuntu 11.04,
  Ubuntu 10.10");
  script_tag(name:"solution", value:"Please Install the Updated Packages.");
  script_tag(name:"insight", value:"Dan Fandrich discovered that curl incorrectly handled URLs containing
  embedded or percent-encoded control characters. If a user or automated
  system were tricked into processing a specially crafted URL, arbitrary
  data could be injected.");
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-deb.inc");

release = dpkg_get_ssh_release();
if(!release)
  exit(0);

res = "";

if(release == "UBUNTU10.10")
{

  if ((res = isdpkgvuln(pkg:"libcurl3", ver:"7.21.0-1ubuntu1.3", rls:"UBUNTU10.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"libcurl3-gnutls", ver:"7.21.0-1ubuntu1.3", rls:"UBUNTU10.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99);
  exit(0);
}


if(release == "UBUNTU11.04")
{

  if ((res = isdpkgvuln(pkg:"libcurl3", ver:"7.21.3-1ubuntu1.5", rls:"UBUNTU11.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"libcurl3-gnutls", ver:"7.21.3-1ubuntu1.5", rls:"UBUNTU11.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"libcurl3-nss", ver:"7.21.3-1ubuntu1.5", rls:"UBUNTU11.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99);
  exit(0);
}
How to find holes in your network?

Try incredible fast Vulners Perimeter Scanner and find vulnerabilities and unnecessary ip and ports in network devices inside your network before anyone else.

Try Network Scanner

0.009 Low

EPSS

Percentile

81.1%

Related for OPENVAS:1361412562310840876